Headline
CVE-2022-36417: 3D Tag Cloud
Multiple Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in 3D Tag Cloud plugin <= 3.8 at WordPress.
- Details
- Reviews
- Support
- Development
This plugin has been closed as of September 22, 2022 and is not available for download. This closure is temporary, pending a full review.
I have been using this plugin for years now–beginning with PHP 5.6.X, and currently running under WP v5.9.X and PHP 7.4.X. I have also done a local Laragon dev under PHP 8.1.X and it still rolls on! It is completely configurable to mimic the CSS of your theme–and while is a bit of useful fluff–it certainly adds charm to a WP site.
The use of ‘wp_head’ hook to inject javascript code that requires jQuery may fail. I changed it to ‘wp_footer’ Calling jQuery.noConflict() also makes other parts of the website that use $ to call jQuery fail. It is really unnecessary to call .noConflict() so I recommend removing it.
I Like it. Actually, it made me clean up my tag DB just to be able to use it 🙂
The new version of this plugin avails the options under the Settings Menu under 3D Tag Cloud. A quick update of the settings and adding a few quick tags to the posts gave me a nice addition to alternative prism view of my site. I love it. I use in on GiantLeap.com for now and will add to others I am sure.
in the new Version this Plugin is full OK. I say Thank you for this Plugin, i use this on my Site.
Great idea, but not customizable with no options for colours, different tags, and locations (i.e. sidebar, bottom, etc). It seems to also have a bug that remains on different pages.
Read all 23 reviews
“3D Tag Cloud” is open source software. The following people have contributed to this plugin.
Contributors
- Vinoj Cardoza